package com.wisely.xxboot.config;

import com.wisely.xxboot.security.CustomUserService;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

/**
 * <p>Description:</p>
 * <p>Copyright: Copyright (c) 2017</p>
 * <p>Company: 中视数讯</p>
 * <p>Site: www.digi-zones.com</p>
 *
 * @author shengping
 * @version 1.0
 * @date 2017/7/3
 */
@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ //1 springsecurity配置需集成WebSecurityConfigurerAdapter
    @Bean
    UserDetailsService customUserService(){ //2 注册customuserservice的bean
        return new CustomUserService();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(customUserService()); //3 添加我们自定义的userdetailservice认证
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.authorizeRequests()
//                .anyRequest().authenticated() //4 所有请求需要认证即登录后才能访问
//                .and()
//                .formLogin()
//                .loginPage("/slogin")
//                .failureUrl("/slogin?error")
//                .permitAll() //5 定制登录行为 登录页面可以任意访问
//                .and()
//                .logout().permitAll(); //6 定制销毁行为，注销请求可以任意访问
    }
}
